Insights

As 2025 comes to an end, one theme defines the global compliance landscape: volatility. Over the past twelve months, sanctions and export control regimes have shifted quickly as the second Trump administration reshaped several policies inherited from the Biden years while launching new initiatives focused on Syria, Iran, and transnational cartels.  

The United States and its allies continue to grapple with Russia’s war in Ukraine and Iran’s regional activities, but 2025 also saw the dramatic termination of the long-standing Syria sanctions program, a short-lived but sweeping BIS “Affiliates Rule” that was then suspended, and a new framework for treating cartels as terrorist organizations.

The result is a regulatory environment where vigilance, adaptability, and documentation are operational imperatives. This year-end review summarizes the most consequential developments of 2025 and what to expect as we enter 2026.

Russia and Belarus: Continued Expansion of Energy and Export Restrictions

Russia remains a central concern, but U.S. policy in 2025 has been more selective than in previous years. In January, the U.S. Department of Treasury Office of Foreign Assets Control (OFAC), under the ongoing Biden administration, imposed a package targeting Russian energy financing and 183 vessels involved in oil transport.

In October, the Trump administration shifted to a more visible but narrower approach by imposing blocking sanctions on Russia’s largest oil companies, Rosneft and Lukoil, along with additional vessels and tankers involved in Russia's crude exports. These actions placed core Russian state revenue streams directly under U.S. sanctions and were accompanied by new and amended general licenses to facilitate wind-downs and certain non-Russian retail options.

Meanwhile, Russia continues to rely on a “shadow fleet” of obscure, aging tankers, ship-to-ship transfers, and third-country intermediaries to move crude oil outside the G7 price-cap coalition. For companies involved in shipping, trade finance, and commodities, conducting ownership and routing due diligence regarding Russian-linked cargoes remains essential, even when domestic U.S. policy signals are inconsistent.

Syria: Termination of the Comprehensive Sanctions Program

One of the most important developments of 2025 was the official termination of the Syria sanctions program. On June 30, 2025, President Trump signed an executive order revoking the main Syria sanctions authorities and ending the national emergency supporting them, effective July 1, 2025. As a result, the broad economic sanctions administered by OFAC that made up the Syria Sanctions Program are no longer in effect, and individuals blocked solely under those authorities have been removed from the Specially Designated National (SDN) list and unblocked.

In a joint “Tri-Seal Advisory” issued in November, OFAC, BIS, and the State Department highlighted that the program's end aims to support Syria’s reconstruction and integration into the global economy, while still maintaining targeted sanctions on Bashar al-Assad, human rights abusers, Captagon traffickers, ISIS and al-Qaida affiliates, and Iran-backed actors.

For compliance purposes, the key point is that broad country-wide Syria sanctions have been lifted, but Syria remains a high-risk environment due to residual terrorism, narcotics, and Iran-related designations. Screening should therefore focus on named persons and sector-specific risk, rather than blanket Syria programs.

BIS Entity List, Advanced Technology Controls, and the “Affiliates Rule”

The BIS Entity List continued to grow in 2025, particularly with respect to advanced computing, AI, and dual-use technologies connected to Russia, China, Iran, and other national security concerns.

The most notable development, however, was the short-lived “Affiliates Rule.” On September 29, 2025, BIS issued an interim final rule extending Entity List and Military End-User (MEU) restrictions to any entity that is at least 50% owned, directly or indirectly, by a listed Entity List or MEU party. This effectively transformed the Entity List from an entity-specific tool into a corporate-family tool and imposed new due diligence requirements on exporters to identify ownership structures before shipping.

Following significant industry pushback, the administration acted quickly. On November 10, 2025, BIS issued a final rule suspending the Affiliates Rule for one year, temporarily restoring the pre-September framework while reviewing comments and considering a narrow approach.

For 2026, companies should assume that affiliate-based controls are not currently operative in the Export Administration Regulations (EAR), but that ownership-based concepts are likely to return in some form. Exports should therefore retain and further develop their capability to analyze ownership chains, even during the suspension.

Iran: Restored Priority for Missiles, UAV, and Oil

Throughout the year, OFAC and the State Department issued multiple rounds of sanctions targeting Iran’s UAV and ballistic missile supply chains, Islamic Revolutionary Guard Corps procurement networks, and oil-shipping facilitators.

OFAC and the State Department issued new advisories for the shipping and maritime sectors on identifying and countering Iranian oil sanctions evasion, focusing on deceptive shipping practices, altered Automatic Identification System (AIS) data, and complex corporate ownership structures.

For 2026, Iran-related compliance will focus on three main areas: missile and UAV supply chains, oil and petrochemical shipping, and financial facilitation. Companies involved in any of these sectors should expect increased scrutiny and more aggressive unilateral U.S. enforcement.

Cartels: EO 14157 and the Terrorism-Sanctions Architecture

 The Trump administration took an unprecedented step in January 2025 by issuing Executive Order 14157, “Designated Cartels and Other Organizations as Foreign Terrorist Organizations and Specially Designated Global Terrorists.” This order established a framework for treating certain transnational criminal organizations similarly to terrorist organizations.

On February 20, 2025, the State Department designated an initial group of Mexican cartels as Foreign Terrorist Organizations (FTOs) and Specially Designated Global Terrorists (SDGTs). Treasury followed with blocking sanctions and asset freezes, including a high-profile August action targeting Carteles Unidos, Los Viagras, and related money-laundering networks.

This architecture means that cartel-related exposure now includes risks related to terrorism, narcotics, and sanctions, each with potential legal and financial consequences. Financial institutions, logistics providers, and any businesses connected to Mexico’s border routes, Pacific and Gulf ports, or interior financial hubs in Mexico should ensure their sanctions and anti-money laundering (AML) programs are strongly coordinated.

DOJ and NSD: Enforcement as Compliance Driver

The Department of Justice’s National Security Division (NSD) has continued to position export controls and sanctions as top-tier enforcement priorities in Trump’s second term. Recent cases and declinations involving export-control and sanctions violations, including instances where DOJ declined prosecution following timely and complete self-disclosure, show that DOJ is prepared to reward robust compliance programs while punishing individuals and institutions that ignore red flags.

In this environment, internal investigations, decision memos, and board-level oversight are no longer merely internal governance artifacts; they are evidence that the government may review when assessing whether a company acted in good faith.

A Converging Enforcement Landscape

Across all of these topics, 2025 has been marked by greater alignment among OFAC, BIS, and DOJ as reflected in joint advisories and coordinated actions, such as the Tri-Seal Advisory on Syria sanctions and export controls relief, and cross-agency messaging on Russian oil, Iranian shipping, and cartel designations.

Regulators are explicitly targeting not just primary violators but also enablers, those who facilitate, finance, or conceal restricted transactions. High-risk sectors include maritime and energy logistics, advanced technology supply chains, and financial intermediaries serving Russia, Iran, Syria, or cartel-connected regions.

Internal policy updates, refreshed training, and targeted audits, particularly around end user ownership, routing, and end-use, will be critical to demonstrating readiness in the face of potential enforcement.